General

  • Target

    2RS890Xh.exe

  • Size

    222KB

  • MD5

    e182fc3c9a7ae3d4aa8d960f3a7b3ad8

  • SHA1

    92b0ecbbef6d14482334e94e78919ef60c2747fc

  • SHA256

    46e5286bbe439687da6401d92b2b441a9778b840909e509a95c6972014739e2f

  • SHA512

    3096f63193d718b258a2fde5eab78dc37d8156da39c23472befdbd9105cba13200e3df095d61255a111b3d4d0b5c7187e89b59d43dcc31236a5e8e2fe5163a55

  • SSDEEP

    3072:XjJsVUnYNgcDTrB2Sr1DDfNt/qOWGkHCfbLCdrUd2j:XjJsSYNgcDn4SZDzH/oGkHCDL2rUd

Score
10/10

Malware Config

Extracted

Family

redline

Botnet

kinder

C2

109.107.182.133:19084

Signatures

  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2RS890Xh.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744